CVE-2025-22481

🗓️ 06 Jun 2025 15:53:18Reported by qnapType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 60 Views

Command injection vulnerability in QNAP systems allows remote code execution by authenticated users.

Reporter	Title	Published	Views	Family All 14
ATTACKERKB	CVE-2025-22481	6 Jun 202516:15	–	attackerkb
Circl	CVE-2025-22481	11 Jun 202504:33	–	circl
CNNVD	QNAP operating system 命令注入漏洞	6 Jun 202500:00	–	cnnvd
CNVD	QNAP QTS and QNAP QuTS hero command injection vulnerabilities	10 Jun 202500:00	–	cnvd
Cvelist	CVE-2025-22481 QTS, QuTS hero	6 Jun 202515:53	–	cvelist
EUVD	EUVD-2025-17340	3 Oct 202520:07	–	euvd
NVD	CVE-2025-22481	6 Jun 202516:15	–	nvd
OpenVAS	QNAP QTS Multiple Vulnerabilities (QSA-25-12)	10 Jun 202500:00	–	openvas
OpenVAS	QNAP QuTS hero Multiple Vulnerabilities (QSA-25-12)	10 Jun 202500:00	–	openvas
OSV	CVE-2025-22481	6 Jun 202516:15	–	osv

NVD

Node

qnap qtsMatch5.2.0.2737build_20240417

qnap qtsMatch5.2.0.2744build_20240424

qnap qtsMatch5.2.0.2782build_20240601

qnap qtsMatch5.2.0.2802build_20240620

qnap qtsMatch5.2.0.2823build_20240711

qnap qtsMatch5.2.0.2851build_20240808

qnap qtsMatch5.2.0.2860build_20240817

qnap qtsMatch5.2.1.2930build_20241025

qnap qtsMatch5.2.2.2950build_20241114

qnap qtsMatch5.2.3.3006build_20250108

qnap qtsMatch5.2.4.3070build_20250312

Node

qnap quts_heroMatchh5.2.0.2737build_20240417

qnap quts_heroMatchh5.2.0.2782build_20240601

qnap quts_heroMatchh5.2.0.2789build_20240607

qnap quts_heroMatchh5.2.0.2802build_20240620

qnap quts_heroMatchh5.2.0.2823build_20240711

qnap quts_heroMatchh5.2.0.2851build_20240808

qnap quts_heroMatchh5.2.0.2860build_20240817

qnap quts_heroMatchh5.2.1.2929build_20241025

qnap quts_heroMatchh5.2.1.2940build_20241105

qnap quts_heroMatchh5.2.2.2952build_20241116

qnap quts_heroMatchh5.2.3.3006build_20250108

qnap quts_heroMatchh5.2.4.3070build_20250312

[
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.2.4.3079 build 20250321",
        "status": "affected",
        "version": "5.2.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.2.4.3079 build 20250321",
        "status": "affected",
        "version": "h5.2.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-25-12

23 Sep 2025 14:25Current

8.1High risk

Vulners AI Score8.1

CVSS 3.18.8

CVSS 48.7

EPSS0.00632

SSVC